<%#
 Copyright 2013-2025 the original author or authors from the JHipster project.

 This file is part of the JHipster project, see https://www.jhipster.tech/
 for more information.

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

      https://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
-%>
# ===================================================================
# Spring Boot configuration.
#
# This configuration will be overridden by the Spring profile you use,
# for example application-dev.yml if you use the "dev" profile.
#
# More information on profiles: https://www.jhipster.tech/profiles/
# More information on configuration properties: https://www.jhipster.tech/common-application-properties/
# ===================================================================

# ===================================================================
# Standard Spring Boot properties.
# Full reference is available at:
# https://docs.spring.io/spring-boot/appendix/application-properties/index.html
# ===================================================================

---
# Conditionally disable springdoc on missing api-docs profile
spring:
  config:
    activate:
      on-profile: '!api-docs'
springdoc:
  api-docs:
    enabled: false
---

<%_ if (serviceDiscoveryEureka) { _%>
eureka:
  client:
    enabled: true
    healthcheck:
      enabled: true
    fetch-registry: true
    register-with-eureka: true
    instance-info-replication-interval-seconds: 10
    registry-fetch-interval-seconds: 10
  instance:
    appname: <%= baseName.toLowerCase() %>
    instanceId: <%= baseName.toLowerCase() %>:${spring.application.instance-id:${random.value}}
    lease-renewal-interval-in-seconds: 5
    lease-expiration-duration-in-seconds: 10
    status-page-url-path: ${management.endpoints.web.base-path}/info
    health-check-url-path: ${management.endpoints.web.base-path}/health
    metadata-map:
      zone: primary # This is needed for the load balancer
      profile: ${spring.profiles.active}
      version: '@project.version@'
      git-version: ${git.commit.id.describe:}
      git-commit: ${git.commit.id.abbrev:}
      git-branch: ${git.branch:}
      context-path: ${server.servlet.context-path:}
<%_ } _%>
<%_ if ((applicationTypeGateway || applicationTypeMicroservice) && reactive) { _%>
reactive:
  feign:
    circuit:
      breaker:
        enabled: true
  # client:
  #   config:
  #     default:
  #       connectTimeout: 5000
  #       readTimeout: 5000
<%_ } _%>
<%_ if (applicationTypeMicroservice && !reactive) { _%>
feign:
  circuitbreaker:
    enabled: true
  # client:
  #   config:
  #     default:
  #       connectTimeout: 5000
  #       readTimeout: 5000
<%_ } _%>
management:
  endpoints:
    web:
      base-path: /management
      exposure:
        include:
          - configprops
          - env
<% if (applicationTypeGateway) { -%>
          - gateway
<% } -%>
          - health
          - info
          - jhimetrics
          - jhiopenapigroups
          - logfile
          - loggers
          - prometheus
          - threaddump
<% if (cacheProviderAny) { -%>
          - caches
<% } -%>
<% if (databaseMigrationLiquibase) { -%>
          - liquibase
<% } -%>
  endpoint:
    health:
      show-details: when_authorized
      roles: "ROLE_ADMIN"
      probes:
        enabled: true
      group:
        liveness:
          include: livenessState
        readiness:
          include: readinessState<% if (databaseTypeSql && !reactive) { %>,db<% } %>
    jhimetrics:
      access: read-only
  info:
    git:
      mode: full
    env:
      enabled: true
  health:
    mail:
      enabled: false # When using the MailService, configure an SMTP server and set this to true
  prometheus:
    metrics:
      export:
        enabled: true
        step: 60
  observations:
    key-values:
      application: ${spring.application.name}
  metrics:
    enable:
      http: true
      jvm: true
      logback: true
      process: true
      system: true
    distribution:
      percentiles-histogram:
        all: true
      percentiles:
        all: 0, 0.5, 0.75, 0.95, 0.99, 1.0
    data:
      repository:
        autotime:
          enabled: true
    tags:
      application: ${spring.application.name}

<%_ if (databaseTypeMongodb) { _%>
mongock:
  migration-scan-package:
    - <%= packageName %>.config.dbmigrations

<%_ } _%>
spring:
<%_ if (databaseTypeSql && messageBrokerKafka) { _%>
  autoconfigure:
    exclude: org.springframework.boot.actuate.autoconfigure.metrics.jdbc.DataSourcePoolMetricsAutoConfiguration
<%_ } _%>
  application:
    name: <%= baseName %>
<%_ if (serviceDiscoveryConsul || applicationTypeGateway || messageBrokerKafka) { _%>
  cloud:
  <%_ if (serviceDiscoveryConsul) { _%>
    consul:
      discovery:
        healthCheckPath: /management/health
        instanceId: <%= baseName.toLowerCase() %>:${spring.application.instance-id:${random.value}}
        service-name: <%= baseName.toLowerCase() %>
      config:
        watch:
          enabled: false
  <%_ } _%>
  <%_ if (applicationTypeGateway) { _%>
    <%_ if (!serviceDiscoveryAny) { _%>
    discovery:
      client:
        simple:
          instances:
            <%= lowercaseBaseName %>:
              - instanceId: <%= lowercaseBaseName %>1
                host: localhost
                port: <%= serverPort %>
      <%_ for (const ms of gatewayRoutes ?? []) { _%>
            <%= ms.route %>:
              - instanceId: <%= ms.route %>1
                host: <%= ms.host %>
                port: <%= ms.serverPort %>
      <%_ } _%>
    <%_ } _%>
    gateway:
      server:
    <%_ if (reactive) { _%>
        webflux:
          default-filters:
            - <% if (authenticationTypeJwt) { %>JWTRelay<% } else { %>TokenRelay<% } %>
    <%_ } else { _%>
        webmvc:
    <%_ } _%>
    <%_ if (serviceDiscoveryAny) { _%>
          discovery:
            locator:
              enabled: true
              lower-case-service-id: true
              predicates:
                - name: Path
                  args:
                    pattern: "'/services/'+serviceId.toLowerCase()+'/**'"
              filters:
                - StripPrefix=2
    <%_ } _%>
    <%_ if (reactive) { _%>
          httpclient:
            pool:
              max-connections: 1000
    <%_ } _%>
    <%_ if (!serviceDiscoveryAny) { _%>
          routes:
            - id: <%= lowercaseBaseName %>_route
              uri: lb://<%= lowercaseBaseName %>
              predicates:
                - Path=/services/<%= lowercaseBaseName %>/**
              filters:
                - StripPrefix=2
      <%_ for (const ms of gatewayRoutes ?? []) { _%>
            - id: <%= ms.route %>_route
              uri: lb://<%= ms.route %>
              predicates:
                - Path=/services/<%= ms.route %>/**
              filters:
        <%_ if (!reactive && authenticationTypeOauth2) { _%>
                - TokenRelay
        <%_ } _%>
                - StripPrefix=2
      <%_ } _%>
    <%_ } _%>
          # See alternatives in https://github.com/spring-cloud/spring-cloud-gateway/issues/3818
          trusted-proxies: '.*'
  <%_ } _%>
  <%_ if (messageBrokerKafka) { _%>
    function:
      definition: kafkaConsumer;kafkaProducer
    stream:
      kafka:
        binder:
          replicationFactor: 1
          auto-create-topics: true
          brokers: localhost:9092
      bindings:
        binding-out-0:
          content-type: text/plain
          group: <%= dasherizedBaseName %>
        kafkaConsumer-in-0:
          destination: sse-topic
          content-type: text/plain
          group: <%= dasherizedBaseName %>
        kafkaProducer-out-0:
          content-type: text/plain
          group: <%= dasherizedBaseName %>
  <%_ } _%>
<%_ } _%>
<%_ if ('dockerServices' in locals && dockerServices?.length) { _%>
  docker:
    compose:
      enabled: true
      lifecycle-management: start-only
  <%_ if (applicationTypeMicroservice) { _%>
      file: <%- dockerServicesDir %><%- databaseTypeSql ? prodDatabaseType : databaseType %>.yml
  <%_ } else { _%>
      file: <%- dockerServicesDir %>services.yml
  <%_ } _%>
<%_ } _%>
  profiles:
    # The commented value for `active` can be replaced with valid Spring profiles to load.
    # Otherwise, it will be filled in by <%= buildTool %> when building the JAR file
    # Either way, it can be overridden by `--spring.profiles.active` value passed in the commandline or `-Dspring.profiles.active` set in `JAVA_OPTS`
    active: '@spring.profiles.active@'
    group:
      dev:
        - dev
        - api-docs
        # Uncomment to activate TLS for the dev profile
        #- tls
  jmx:
    enabled: false
<%_ if (databaseTypeSql && !reactive) { _%>
  data:
    jpa:
      repositories:
        bootstrap-mode: deferred
  jpa:
    open-in-view: false
    properties:
      hibernate.jdbc.time_zone: UTC
      hibernate.timezone.default_storage: NORMALIZE
      hibernate.type.preferred_instant_jdbc_type: TIMESTAMP
      hibernate.id.new_generator_mappings: true
      hibernate.connection.provider_disables_autocommit: true
      hibernate.cache.use_second_level_cache: <% if (enableHibernateCache) { %>true<% } else { %>false<% } %>
      hibernate.cache.use_query_cache: false
      hibernate.generate_statistics: false
      # modify batch size as necessary
      hibernate.jdbc.batch_size: 25
      hibernate.order_inserts: true
      hibernate.order_updates: true
  <%_ if (prodDatabaseTypeMssql || prodDatabaseTypeOracle) { _%>
      # modify fetch size as necessary
      hibernate.jdbc.fetch_size: 150
      hibernate.criteria.literal_handling_mode: BIND
  <%_ } _%>
      hibernate.query.fail_on_pagination_over_collection_fetch: true
      hibernate.query.in_clause_parameter_padding: true
  <%_ if (enableHibernateCache) { _%>
    <%_ if (cacheProviderHazelcast) { _%>
      hibernate.cache.region.factory_class: com.hazelcast.hibernate.HazelcastCacheRegionFactory
      hibernate.cache.use_minimal_puts: true
      hibernate.cache.hazelcast.instance_name: <%= baseName %>
      hibernate.cache.hazelcast.use_lite_member: true
    <%_ } else if (cacheProviderInfinispan) { _%>
      hibernate.cache.region.factory_class: infinispan
      hibernate.cache.infinispan.statistics: false
      hibernate.cache.use_minimal_puts: true
      hibernate.cache.infinispan.entity.expiration.lifespan: 3600000
      hibernate.cache.infinispan.entity.memory.size: 1000
      hibernate.cache.infinispan.jgroups_cfg: default-configs/default-jgroups-tcp.xml
    <%_ } _%>
  <%_ } _%>
    hibernate:
      ddl-auto: none
      naming:
        physical-strategy: org.hibernate.boot.model.naming.CamelCaseToUnderscoresNamingStrategy
        implicit-strategy: org.springframework.boot.orm.jpa.hibernate.SpringImplicitNamingStrategy
<%_ } _%>
  messages:
    basename: i18n/messages
  main:
    allow-bean-definition-overriding: true
  <% if (reactive) { %>webflux<% } else { %>mvc<% } %>:
    problemdetails:
      enabled: true
<%_ if (generateInMemoryUserCredentials || authenticationTypeOauth2 || authenticationTypeJwt) { _%>
  security:
  <%_ if (generateInMemoryUserCredentials) { _%>
    user:
      name: admin
      password: admin
      roles:
        - ADMIN
        - USER
  <%_ } _%>
  <%_ if (authenticationTypeOauth2) { _%>
    oauth2:
      client:
        provider:
          oidc:
            issuer-uri: http://localhost:9080/realms/jhipster
        registration:
          oidc:
    <%_ if (applicationTypeMicroservice) { _%>
            client-id: internal
            client-secret: internal
    <%_ } else { _%>
            client-id: web_app
            client-secret: web_app
    <%_ } _%>
            scope: openid, profile, email, offline_access # last one for refresh tokens
  <%_ } _%>
  <%_ if (authenticationTypeJwt) { _%>
    oauth2:
      resourceserver:
        jwt:
          authority-prefix: ''
          authorities-claim-name: auth
  <%_ } _%>
<%_ } _%>
  task:
    execution:
      thread-name-prefix: <%= dasherizedBaseName %>-task-
      pool:
        core-size: 2
        max-size: 50
        queue-capacity: 10000
    scheduling:
      thread-name-prefix: <%= dasherizedBaseName %>-scheduling-
      pool:
        size: 2
  thymeleaf:
    mode: HTML
  output:
    ansi:
      console-available: true

server:
  servlet:
    session:
      cookie:
        http-only: true

springdoc:
  show-actuator: true

# Properties to be exposed on the /info management endpoint
info:
  # Comma separated list of profiles that will trigger the ribbon to show
  display-ribbon-on-profiles: 'dev'

# ===================================================================
# JHipster specific properties
#
# Full reference is available at: https://www.jhipster.tech/common-application-properties/
# ===================================================================

jhipster:
<%_ if (!skipClient) { _%>
  clientApp:
    name: "<%= locals.frontendAppName %>"
  # By default CORS is disabled. Uncomment to enable.
  # cors:
  #   allowed-origins: "http://localhost:8100,http://localhost:9000"
  #   allowed-methods: "*"
  #   allowed-headers: "*"
  <%_ if (authenticationTypeSession) { _%>
  #   exposed-headers: "Link,X-Total-Count,X-${jhipster.clientApp.name}-alert,X-${jhipster.clientApp.name}-error,X-${jhipster.clientApp.name}-params"
  <%_ } else { _%>
  #   exposed-headers: "Authorization,Link,X-Total-Count,X-${jhipster.clientApp.name}-alert,X-${jhipster.clientApp.name}-error,X-${jhipster.clientApp.name}-params"
  <%_ } _%>
  #   allow-credentials: true
  #   max-age: 1800
<%_ } _%>
  mail:
    from: <%= baseName %>@localhost
  api-docs:
    default-include-pattern: /api/**
    management-include-pattern: /management/**
    title: <%= humanizedBaseName %> API
    description: <%= humanizedBaseName %> API documentation
    version: 0.0.1
    terms-of-service-url:
    contact-name:
    contact-url:
    contact-email:
    license: unlicensed
    license-url:
  security:
<%_ if(!skipClient) { _%>
    <%_ if (clientTheme !== 'none') { _%>
    content-security-policy: "default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' data:; font-src 'self' https://fonts.gstatic.com data:"
    <%_ } else { _%>
    content-security-policy: "default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:"
    <%_ } _%>
<%_ } _%>
<%_ if (authenticationTypeOauth2) { _%>
    oauth2:
      audience:
        - account
        - api://default
<%_ } _%>

# jhipster-needle-add-application-yaml-document
---
# ===================================================================
# Application specific properties
# Add your own application properties here, see the ApplicationProperties class
# to have type-safe configuration, like in the JHipsterProperties above
#
# More documentation is available at:
# https://www.jhipster.tech/common-application-properties/
# ===================================================================

# application:
